An application source code review will consist of static (SAST) and dynamic (DAST) source code security assessment, vulnerability scanning, and automated and manual identification.
Highlights
Spidering - attempts to identify application functionality by automated traversal of site hierarchy and permuting common variations on popular naming conventions.
Manual fault injection - manual submission of malicious data to identify security vulnerabilities in request path.
Automated fault injection (fuzzing) - automated submission of a range of malicious data to identify security vulnerabilities in request path.
Known vulnerability testing - identification of vulnerabilities in the hosting platform (web server, servlet container) using primarily automated analysis techniques.
Candidate point - automated analysis to pinpoint known vulnerability patterns, followed by manual analysis to validate any vulnerability candidate.
Data correlation.
Research vulnerabilities.
Eliminate false positives.
Investigate the extent of the findings.
Report generation.